Behavioral Biometrics Firm BioCatch Raises $30 Million

New York and Tel Aviv-based behavioral biometric authentication firm BioCatch has raised $30 million in new growth financing led by Maverick Ventures, and including American Express Ventures, NexStar Partners, Kreos Capital, CreditEase, OurCrowd, JANVEST Capital and other existing investors.

"We have raised $17 million over several angel and seed rounds," CEO Howard Edelstein told SecurityWeek. "This is our first growth round, bringing the total raised to $47M."

BioCatch was founded in Tel Aviv in 2011 by Avi Turgeman, Benny Rosenbaum, and Uri Rivner. Turgeman is an alumnus of the IDF Unit 8200 intelligence service, having spent six years as head of innovation in the unit. In this role, he studied how criminals -- or for him at that time, terrorists -- moved around the internet. It was the skills learned at this time that inspired the founding of BioCatch.

The company provides behavioral biometric authentication for both in-house corporate use, and new user online account creation. In normal corporate use, the service provides continuous authentication by first generating a legitimate user profile (it takes just a few minutes) and then continuously authenticating the user's biometric behavioral patterns against that profile. Most current access control systems only authenticate the user at log-on -- meaning that anyone could continue the session once it has commenced.

While this approach works for normal in-house corporate use, it doesn't prevent New Account Fraud where remote fraudsters create new accounts with online services such as banking and retail, using stolen or forged identities -- in this case there is no existing user profile to authenticate against.

New Account Fraud is frequently attempted following major PII data breaches, such as the IRS and Anthem Health breaches in 2015, and the Equifax breach in 2017. Criminals collate and compile stolen details to either impersonate a genuine person or create a fictitious character in order to generate a new fraudulent account with a bank or retail organization.

With no legitimate user profile available, BioCatch monitors and compares the actual online account generation behavior with typical legitimate user and typical criminal user behavior. This is where Turgeman's criminal/terrorist Unit 8200 training comes in. -- it turns out that there are significant measurable differences between criminal and legitimate usage patterns.

For example, criminal users tend to show a greater familiarity and facility with the account application form, while genuine users are more comfortable with their own personal details (full name, DoB, address, etc). Similarly, criminal users tend to display more advanced keyboard skills than legitimate users -- for example, the use of ALT-Tab is common to criminals but used by only 13% of the general population.

BioCatch monitors the entire account generation process examining usage parameters in three main categories: application fluency, computer skill level, and data familiarity. By the time the form is complete, BioCatch is able to say with great accuracy whether the application is likely to be genuine or fraudulent.

This also works with banking malware and existing customers. "For example," Edelstein told SecurityWeek, "a CFO was logged in to his online corporate bank and was working on a series of payables. He was in his office using his standard machine (ie, right location and right device). When he went to confirm the total amount of the payments, which came to $1.6M, he got an alert that the session was blocked, and he had to call the Call Center."

While he had been attempting the transactions, a remote access attack was changing all the routing numbers and account numbers in the background. "The BioCatch system detected this based on various behavioral anomalies that were happening in the session," continued Edelstein, "and sent an alert in real time to the bank and stopped the transaction from going through."

"BioCatch's robust behavioral analytics platform is helping companies identify and stop fraudulent activity without sacrificing the user experience for legitimate customers," said Harshul Sanghi, Managing Partner of Amex Ventures, the strategic investment group within American Express. "The demand for organizations to strike that balance will only increase as digital engagement with their customers grows, and cyber threats become more sophisticated. We're excited to support BioCatch as it works to expand its capabilities and help organizations, including American Express, address this critical need."

BioCatch proactively collects and analyzes more than 2,000 parameters to generate user profiles and model different types of genuine and malicious behavior. The platform can address a wide range of threats at login and beyond by identifying malware, robotic activity, social engineering (phishing, etc.) and other cyber threats, which is a differentiator from traditional fraud approaches and other behavioral biometrics providers. The company monitors more than 5 billion transactions per month and generates real-time alerts when behavioral anomalies are detected.

The technology is supported by more than 50 patents that are either granted or pending.

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.